Jump to content
  • Checkout
  • Login
  • Get in touch

osCommerce

The e-commerce.

customer login problems


brudan

Recommended Posts

I am having problems with my site. When someone tries to login to their account they get these errors

 

Warning: session_start() [function.session-start]: Cannot send session cookie - headers already sent by (output started at /home2/brudan/public_html/catalog/includes/languages/english/login.php:2) in /home2/brudan/public_html/catalog/includes/functions/sessions.php on line 102

 

Warning: session_start() [function.session-start]: Cannot send session cache limiter - headers already sent (output started at /home2/brudan/public_html/catalog/includes/languages/english/login.php:2) in /home2/brudan/public_html/catalog/includes/functions/sessions.php on line 102

 

Warning: Cannot modify header information - headers already sent by (output started at /home2/brudan/public_html/catalog/includes/languages/english/login.php:2) in/home2/brudan/public_html/catalog/includes/functions/general.php on line 45

 

Can anyone help me out here?

 

Also... why does my address bar only show bslales.com and not http.. etc...?

And because of the theme i have installed and other addons my SSL cert is not working correctly.. is this a problem with OSCommerce?

 

I know.. alot of questions.. sorry..

Link to comment
Share on other sites

Ok.. hostgator support had me add some code to my htaccess and it worked but my admin part of the site is not working with the htaccess enabled. It looks like oscommerce is setup for SSL . Anyone know how to secure my site and unsecure the admin area? Can I move the admin area out of the main site? If so.. how?

 

Anyone have any ideas?

Link to comment
Share on other sites

Take out the stuff from .htaccess.

 

The place to start is to find out why you get the first "Cannot send session cookie" message. That usually means that something is sending output to the browser too early, before all the HTTP header stuff has been completed. The error message says that the offending file is in or about line 2 of /catalog/includes/languages/english/login.php. Check there and see what it's writing to the browser. Compare it against a browser "View Page Source" and see if there is a stray blank or Byte Order Mark being sent (the latter is common in UTF-8 language files). See if even you've been hacked and someone added unauthorized code to login.php!

 

By the way, what osC version are you running? If it's 2.2, there are a LOT of security patches you need to apply, pronto. There are also many fixes to permit recent PHP versions. You'd be best off migrating to 2.3.3.4.

Link to comment
Share on other sites

Thank you MrPhil. I found the problem to the login and its working now.

 

I am running 2.3.1 as of now. I was going to use 2.3.3.4 but the addons I wanted to use don't work in there yet. I am not the best at coding so I don't know how to modify them.

 

I still have the problem of not being able to access my admin site while the SSL is active. I can block SSL access to the site and it works fine but when I unblock SSL i can't get my admin to work. I log in and it gives me a 404 error.

 

Any ideas on this?

 

Also, I have some affiliate programs I am part of and the links to those are not working with SSL turned on. Is there a way around this?

 

Again.. thank you for your help.

Link to comment
Share on other sites

My understanding is that most add-ons that work for 2.3.1 will work for 2.3.3.4. Maybe if you listed them (here or in a new thread), people familiar with them could chime in and tell you if they work unmodified, need a little work, or aren't worth the effort.

 

When you say "SSL turned on", are you saying "with https: protocol", or something else? Have you checked what your SSL certificate (private, I presume) is issued for -- the www. or non-www. form of your domain? One usually won't work with the other, so make sure everything's consistent.

Link to comment
Share on other sites

I should have elaborated. Hostgator gave me a code, for my htaccess, to force all my pages to show the HTTPS. When I have that working and all my pages show the https in the address, the admin site won't work and neither will the affiliate links that I have. When the site doesn't show the https everything works fine and the only time https shows is when its on a page that requires customer input.

 

I would rather have the https showing at all times so my customers see that its secure from the start. But as long as their information is encrypted that is all that really matters.

 

The company I got the SSL from coded it to work with both the www and without.

 

The addons I am really needing is the Easy Populate and SEO headers. the others are just for looks mainly. I see a new Easy Pop that is supposed to work on 2.3.3.4 also. I am looking at that. I am going to keep the one I have for now, because i have a theme for the holidays that I like and not sure I can make it work for 2.3.3.4. Still learning all this stuff and don't want to get to deep as of yet.

 

Again.. thank you.

Link to comment
Share on other sites

Archived

This topic is now archived and is closed to further replies.

×
×
  • Create New...